Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

skmsg: Fix wrong last sg check in sk_msg_recvmsg() #3401

Closed
wants to merge 2 commits into from
Closed

skmsg: Fix wrong last sg check in sk_msg_recvmsg() #3401

wants to merge 2 commits into from

Conversation

kernel-patches-bot
Copy link

Pull request for series with
subject: skmsg: Fix wrong last sg check in sk_msg_recvmsg()
version: 1
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736

@kernel-patches-bot
Copy link
Author

Master branch: 40b0965
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 40b0965
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 64893e8
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 64893e8
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 64893e8
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 58250ae
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 5eff8c1
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: a6df067
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 639de43
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: dc81f8d
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 3b317ab
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: d0b80a9
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 14250fa
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 14250fa
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=663736
version: 1

@kernel-patches-bot
Copy link
Author

Master branch: 54c9397
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 4961d07
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: cea5588
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 8308bf2
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 8308bf2
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 1f23577
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 1f23577
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 807662c
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 807662c
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 738a2f2
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@kernel-patches-bot
Copy link
Author

Master branch: 738a2f2
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=666250
version: 2

@liujian56
skmsg: Fix wrong last sg check in sk_msg_recvmsg()
adfc3f5 
Fix one kernel NULL pointer dereference as below:

[  224.462334] Call Trace:
[  224.462394]  __tcp_bpf_recvmsg+0xd3/0x380
[  224.462441]  ? sock_has_perm+0x78/0xa0
[  224.462463]  tcp_bpf_recvmsg+0x12e/0x220
[  224.462494]  inet_recvmsg+0x5b/0xd0
[  224.462534]  __sys_recvfrom+0xc8/0x130
[  224.462574]  ? syscall_trace_enter+0x1df/0x2e0
[  224.462606]  ? __do_page_fault+0x2de/0x500
[  224.462635]  __x64_sys_recvfrom+0x24/0x30
[  224.462660]  do_syscall_64+0x5d/0x1d0
[  224.462709]  entry_SYSCALL_64_after_hwframe+0x65/0xca

In commit 9974d37 ("skmsg: Fix invalid last sg check in
sk_msg_recvmsg()"), we change last sg check to sg_is_last(),
but in sockmap redirection case (without stream_parser/stream_verdict/
skb_verdict), we did not mark the end of the scatterlist. Check the
sk_msg_alloc, sk_msg_page_add, and bpf_msg_push_data functions, they all
do not mark the end of sg. They are expected to use sg.end for end
judgment. So the judgment of '(i != msg_rx->sg.end)' is added back here.

Fixes: 9974d37 ("skmsg: Fix invalid last sg check in sk_msg_recvmsg()")
Signed-off-by: Liu Jian <liujian56@huawei.com>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Acked-by: Jakub Sitnicki <jakub@cloudflare.com>
@kernel-patches-bot
Copy link
Author

At least one diff in series https://patchwork.kernel.org/project/netdevbpf/list/?series=666250 irrelevant now. Closing PR.

@kernel-patches-bot kernel-patches-bot deleted the series/663736=>bpf-next branch August 17, 2022 20:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
accepted bpf-next V2
Projects
None yet
Milestone
No milestone
2 participants
@kernel-patches-bot @liujian56